How to Prepare for the Fall Exam (PowerPoint presentation transcript)

Transcript and Presenter's Notes

1
How to Prepare for the Fall Exam
  • COM380/CIT304
  • Harry Erwin, PhD
  • University of Sunderland

2
Exam Structure
  • Two parts
  • Fall Exam (Harry Erwin)
  • Security, with three questions of 20 marks each.
    You answer two.
  • Server Side Technology, with two questions of 10
    marks each. You answer one.
  • Spring Exam (John Wraith) worth 50 marks on
    e-commerce management.
  • John has briefed you separately.

3
Exam Ground Rules
  • We are aware some of you are relatively
    non-technical.
  • We are aware that even those of you who are
    technical come from a number of courses.
  • The exam is designed to be passable by all of
    you. It tests critical thinking.
  • The exam is hard, but the marking takes that into
    account.
  • You need to pass the exam as a whole, not each
    part individually.

4
Reread
  • Schneier, Beyond Fear, discusses how to think
    critically about security. Know his five-step
    analysis process and be able to apply it.
  • Schneier, Secrets and Lies: the threat
    environment. Understand what it may mean for your
    organization.
  • Anderson, Security Engineering: the technology
    (don't memorize, but know how it fits in!)
  • Erwin, COM380 Lecture Slides: thinking about
    security requirements and solutions.

5
Be Able To
  • Define the terms used in security
  • Describe what a security analyst does.
  • Write a job description for a security analyst.
  • Conduct a job interview for a security engineer/
    analyst in your field.
  • Identify snake-oil when someone tries to sell you
    some technology.
  • Know what probing questions to ask as a skeptical
    manager with some money to spend on security.
  • Know what each security technology is good for.

6
For Example
  • Suppose someone tries to sell you an intrusion
    detection system as a security solution.
  • Know what an IDS is good (and bad) for.
  • Know the two basic IDS technologies and their
    strengths and weaknesses.

7
Another Example
  • Do ID cards solve the terrorism problem?
  • What do ID cards do?
  • What are their risks?
  • What are the threats to ID cards?
  • What do they not do?
  • Do they solve the problem?

8
Likely Exam Areas
  • The Threat
  • Risk Analysis
  • Trust Analysis
  • Policies (particularly legal areas)
  • Assumptions of Secure Operation
  • Security Objectives
  • Security Mechanisms
  • Securing E-Commerce

9
The Server-Side Technology Questions
  • Read up on server side technology (see Bergsten,
    JavaServer Pages and my lectures for a start).
  • Be prepared to evaluate it critically.

10
Some Questions from Previous Years
  • The 25-mark security questions are from 2003, the
    20-mark security questions from 2004, and the
    10-mark server-side questions from 2004.
  • You won't see these specific questions on the
    exam.

11
Risk Analysis (25 marks total)
  • What is a risk and how does it differ from a
    vulnerability or threat? (10 marks)
  • Describe the risk analysis process in detail
    using an example. (10 marks)
  • What information does a complete risk analysis
    give a manager? How can he use it in risk
    management? (5 marks)

12
Security Mechanisms (25 marks total)
  • Audit describes a specific family of security
    mechanisms. In an essay,
  • a) Explain what an audit mechanism does and
    describe the possible uses of audit log data (5
    marks)
  • b) Describe and critically justify against
    alternatives an approach to audit in a
    distributed environment. (10 marks)
  • c) Describe the risks associated with the storage
    of audit log data and how to mitigate those
    risks. Critically justify your recommended
    approach. (10 marks)

13
Intrusion Detection (25 marks total)
  • a) Explain what an intrusion detection system
    does. (6 marks)
  • b) Describe in detail the three problems that
    developers of intrusion detection systems must
    solve:
  • i) The timely notification problem (3 marks)
  • ii) The false alarm problem (3 marks)
  • iii) The response problem (3 marks)
  • c) Name and describe two general approaches to
    intrusion detection, compare them critically, and
    explain how they address the three problems
    listed under (b). (10 marks)

14
Job Description (20 marks)
  • What questions does a computer security analyst
    have to answer about a system? Discuss in detail
    using an example of a specific kind of business
    or service, e.g., an e-mail provider, a business
    web-site, a human resources department of a
    company, an electronic voting system, or an
    on-line bank. Describe critically how the analyst
    might approach each question.

15
Threat Environment (20 marks)
  • Critically evaluate the current threat
    environment for a specific kind of business or
    service, for example an e-mail provider, a
    business web-site, a human resources department
    of a company, an electronic voting system, or an
    on-line bank. In other words, what are the
    threats, what is their relative importance, why
    did you come up with that rank-ordering, and how
    can the system be protected against those threats?

16
Privacy (20 marks)
  • Describe the EU and US legal positions on
    individual privacy, and critically compare them.
    Critically discuss the possible ways that a US
    business has to address the requirements of the
    EU Data Protection Directive.

17
Job Description (20 marks)
  • Assume you are hiring a security analyst.
    Describe and critically justify the required
    knowledge (10 marks) and skills (10 marks) you
    would list on the job description.

18
Trust Analysis (20 marks)
  • Explain how to do a trust analysis (10 marks) and
    critically discuss mechanisms to enforce trust.
    (10 marks)

19
ID Cards (20 marks)
  • Discuss in a short critical essay the Home Office
    proposal on identification cards.

20
Server-Side Technology (10 marks)
  • Four example technologies were given and the
    following choices of question posed:
  • Describe and evaluate in detail the technical
    pros and cons of these four approaches. That is,
    from a technical perspective, what are the issues
    that affect the choice of approach and what
    factors need to be assessed in making that choice?

21
SST Question Continued
  • Describe and evaluate in detail the security pros
    and cons of these four approaches. That is, from
    a security perspective, what are the issues that
    affect the choice of approach and what factors
    need to be assessed in making that choice?
  • Describe and evaluate in detail the managerial
    pros and cons of these four approaches. That is,
    from the perspective of a non-technical manager,
    what are the issues that affect the choice of
    approach and what factors need to be assessed in
    making that choice?

22
Server-Side Technology
  • The ref-def (referred/deferred) question used
    another example, web services, but asked the same
    questions.

23
Changes this year
  • The security questions remain similar. One will
    be on security in general that can be answered
    based on Schneier and the lectures, a second on
    some specific technology discussed in Anderson,
    and the third will be a critical analysis of a
    current security proposal.
  • The server-side question now asks for a critical
    comparison of technical approaches. You will have
    a choice of question here.

24
Questions?